Hackers go after State, academia in new attacks wave


Criminals have turned to both web and mobile platforms to carry out their nefarious activities.

Photo credit: File | Nation Media Group

What you need to know:

  • Criminals have turned to both web and mobile platforms to carry out their nefarious activities.
  • The aim of the attackers is to disrupt services and steal critical data.

Hackers descended heavily on web and mobile applications, targeting the government, academia, and end users of phone apps in a trend that hit provision of critical services by key institutions in the three months to September.

This was the time the government’s e-government platform was temporarily grounded due to cyberattacks, even as a new requirement for compulsory payment of State services via a single pay bill account was passed.

This is according to the latest cybersecurity report, which shows that between July and September, at least 106,603 threats on web apps were detected, an increase of 36 per cent from threats detected in the previous quarter.

During the three months, the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) issued over 1.7 million advisories relating to web application attacks.

“During the three-month period between July to September 2023, the National KE-CIRT/CC detected 106,603 web application attack attempts targeting critical infrastructure service providers. This represented a 35.95 per cent increase from the last period April to June 2023,” the report noted.

It notes that top-targeted systems in web application attacks included authentication portals, databases and web servers, with top-targeted exploits being vulnerable HTTP, remote code execution (RCE), and broken authentication.

It further notes that hackers were after systems deemed to hold sensitive information “and services such as s authentication data, financial data, and public services as was the case with the DDoS attack on the eCitizen platform.”

“The attack objectives were to make services unavailable, manipulate databases, and release sensitive data for purposes of damaging organisations’ reputation.

“While the web application attacks were relatively minimal as compared to other attack vectors, their impact was very significant as was the case with the eCitizen DDoS attack, which led to the unavailability of online public services,” the report observed.

The latest information reflects continuation of a trend where cyberattacks continue to be witnessed at a high rate in the country, a trend that became prominent in 2020 when internet use expanded significantly as millions faced a lockdown at the height of the Covid-19 pandemic.

Cyberattacks targeting digital financial services have been rampant, where innocent Kenyans are defrauded digitally, but also attacks to paralyse the services of corporates, government services, and even mobile applications have grown.

The report notes that during the three months, mobile application attacks increased by 53.7 per cent to see 27,147 threats detected, mainly targeting end users of the mobile apps.

“The perpetrators of these attacks sought to steal sensitive user data such as Personally Identifiable Information (PII), login credentials, and financial details for malicious purposes,” the report noted.

The attacks on web and mobile applications went up even as cyber threats fell by 11 percent overall, with 123,899,936 being detected during the three months.